RhodeCode - issues: Issueshttps://issues.rhodecode.com/https://issues.rhodecode.com/favicon.ico?15286125692019-07-07T19:53:10ZRhodeCode - issues
Redmine RhodeCode CE/EE - Bug #5558 (Resolved): Commit compare window covers texthttps://issues.rhodecode.com/issues/55582019-07-07T19:53:10ZCatalin Salgau
<p>Commit compare window covers text<br>
Seen on pre-pull-request commit or when hitting &quot;compare origin on a fork repository&quot; (and reaching this url, for example)<br>
<a href="https://code.rhodecode.com/rhodecode-enterprise-ce/compare/rev%40tip...rev%40tip?merge=1">https://code.rhodecode.com/rhodecode-enterprise-ce/compare/rev%40tip...rev%40tip?merge=1</a></p>
RhodeCode CE/EE - Support #5546 (Resolved): experiments with mercurial 4.9https://issues.rhodecode.com/issues/55462019-03-01T15:22:33ZAndrás Kaptás
<p>Is there a way to host repos what were cloned by mercurial 4.9? All of them require an hg extension so called sparserevlog. This feature released in mercuial 4.7, and its already a default part of 4.9. <br>
The actual rhodcode uses mercurial 4.6.2.<br>
Can we upgrade it somehow?</p>
RhodeCode CE/EE - Support #5544 (Resolved): Use of authentication token with LDAP account results...https://issues.rhodecode.com/issues/55442019-02-26T22:03:13ZJohn Henning
<p>(Using the Community Edition)</p>
<p>We would like to use the authentication tokens for accounts used by automated systems. In our organization these &quot;service&quot; accounts are required to be managed in Active Directory/LDAP. Normally this is fine since Rhodecode works great with LDAP accounts. However, mixing an LDAP account with authentication token usage is an issue because of an LDAP configuration requirement for account lockout after a number of bad password attempts, and also general security monitoring of failed logins.</p>
<p>When using the authentication token to authenticate to Rhodecode, Rhodecode first attempts to authenticate the LDAP user against LDAP using the token as the password. This obviously fails thus incrementing the bad password counter (eventually locking the account) and also logging a failed login attempt in the monitoring of the LDAP system.</p>
<p>I have focused primarily on the service accounts in this filing, but this could also affect users that opt to use the token on shared systems where they would prefer to not record their LDAP password.</p>
<p>While the account is still technically usable in Rhodecode, this behavior creates a situation where the security monitoring of the accounts is muddied by the false failures. Is there a way to change the order in which Rhodecode attempts authentication to have it first verify against the authentication token rather than LDAP?</p>
<p>Related log output:</p>
<pre>[26/Feb/2019:16:37:04 -0500] GNCRN &lt;63245&gt; 127.0.0.1 rqt:0.471118 200 42 &quot;GET:/repogroup/repo cmd=batch&quot; usr:serviceaccount &quot;-&quot; &quot;mercurial/proto-1.0&quot;
2019-02-26 16:37:04.111 [54043] INFO [rhodecode.authentication.base] Authenticating user `serviceaccount` using egg:rhodecode-enterprise-ce#ldap plugin
2019-02-26 16:37:04.375 [54043] ERROR [rhodecode.authentication.plugins.auth_ldap] LDAP related exception
Traceback (most recent call last):
File &quot;/opt/rhodecode/store/p9vr3b65srfrkr4gbag23mpcdkk0xy6w-python2.7-rhodecode-enterprise-ce-4.12.4/lib/python2.7/site-packages/rhodecode/authentication/plugins/auth_ldap.py&quot;, line 463, in auth
(user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)
File &quot;/opt/rhodecode/store/p9vr3b65srfrkr4gbag23mpcdkk0xy6w-python2.7-rhodecode-enterprise-ce-4.12.4/lib/python2.7/site-packages/rhodecode/authentication/plugins/auth_ldap.py&quot;, line 338, in authenticate_ldap
&#39;with given password&#39;.format(username))
LdapPasswordError: Failed to authenticate user `serviceaccount`with given password
2019-02-26 16:37:04.385 [54043] INFO [rhodecode.authentication.base] Authenticating user `serviceaccount` using egg:rhodecode-enterprise-ce#token plugin
2019-02-26 16:37:04.402 [54043] INFO [rhodecode.authentication.plugins.auth_token] user `serviceaccount` successfully authenticated via authtoken
2019-02-26 16:37:04.402 [54043] INFO [rhodecode.lib.middleware.simplevcs] MAIN-AUTH successful for user `serviceaccount` from authtoken plugin
2019-02-26 16:37:04.413 [54043] INFO [rhodecode.lib.middleware.simplevcs] Access for IP:xxx.xxx.xxx.xxx allowed
2019-02-26 16:37:04.491 [54043] INFO [rhodecode.lib.middleware.simplevcs] pull action on hg repo &quot;repogroup/repo&quot; by &quot;serviceaccount&quot; from xxx.xxx.xxx.xxx mercurial/proto-1.0
2019-02-26 16:37:04.500 [54043] INFO [rhodecode.lib.middleware.simplevcs] Using HTTP implementation of scm app.
2019-02-26 16:37:04.546 [54043] INFO [rhodecode.lib.middleware.request_wrapper] IP: xxx.xxx.xxx.xxx Request to /repogroup/repo time: 0.481s [mercurial/proto-1.0]
</pre> RhodeCode CE/EE - Task #5537 (Resolved): Add owner to create_pull_request APIhttps://issues.rhodecode.com/issues/55372019-02-13T09:44:04ZMarcin Kuzminski [staff]marcin@rhodecode.com
<p>Similar like:<br>
<a href="https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/api/views/repo_api.py#L562">https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/api/views/repo_api.py#L562</a><br>
<a href="https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/api/views/repo_api.py#L640">https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/api/views/repo_api.py#L640</a></p>
<p>We should expose this to create_pull_request.</p>
<p>ps. We should maybe check all other API functions and make this type of functionality consistent across all create_ type function</p>
RhodeCode CE/EE - Feature #5536 (Resolved): Ability to disable server-side SSH key generationhttps://issues.rhodecode.com/issues/55362019-02-11T18:42:50ZCatalin Salgau
<p>Generating a private/public SSH key pair may be user-friendly, but shipping this from the server can pose security concerns.<br>
Please add a way to disable key generation and/or provide client client-side key generation(Web Crypto APIs are available in most modern browsers)<br>
Thanks</p>
RhodeCode CE/EE - Bug #5518 (Confirmed): Zero-sized files in /rhodecode/config/rcextensions/exampleshttps://issues.rhodecode.com/issues/55182018-12-11T14:03:29ZAlexander Altynchurin
<p>There are two examples in rcextensions that have zero size</p>
<p><a href="https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/config/rcextensions/examples">https://code.rhodecode.com/rhodecode-enterprise-ce/files/fd4b2bf5348f1def66ac9495be06eac1e60f8fae/rhodecode/config/rcextensions/examples</a></p>
Documentation - Support #5423 (Resolved): API-Documentation for Method "create_repo_group" faultyhttps://issues.rhodecode.com/issues/54232018-01-22T12:39:57ZMalte Onnen
<p>Adding the group_description does not work as described in the Docs.</p>
<p>Api-Call from PowerShell:<br>
<code>Invoke-WebRequest https://rhodecode-url/_admin/api -Method Post -Body {&quot;args&quot;:{&quot;description&quot;:&quot;testDescriptionWithoutBlanks&quot;,&quot;owner&quot;:2,&quot;group_name&quot;:&quot;testgrp&quot;},&quot;method&quot;:&quot;create_repo_group&quot;,&quot;auth_token&quot;:&quot;aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&quot;,&quot;id&quot;:1}</code><br>
I also tried: <br>
<code>Invoke-WebRequest https://rhodecode-url/_admin/api -Method Post -Body {&quot;args&quot;:{&quot;group_description&quot;:&quot;testDescriptionWithoutBlanks&quot;,&quot;owner&quot;:2,&quot;group_name&quot;:&quot;testgrp&quot;},&quot;method&quot;:&quot;create_repo_group&quot;,&quot;auth_token&quot;:&quot;aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&quot;,&quot;id&quot;:1}</code></p>
<p>Expected Result: <br>
<code>}<br>
&quot;id&quot;: 1,<br>
&quot;result&quot;: {<br>
&quot;repo_group&quot;: {<br>
&quot;parent_group&quot;: null,<br>
&quot;group_name&quot;: &quot;testgrp&quot;,<br>
&quot;group_description&quot;: &quot;testDescriptionWithoutBlanks&quot;,<br>
&quot;group_id&quot;: 12,<br>
&quot;owner&quot;: &quot;SUPERADMIN-USER&quot;,<br>
&quot;repositories&quot;: []<br>
},<br>
&quot;msg&quot;: &quot;Created new repo group</code>testgrp<code>&quot;<br>
},<br>
&quot;error&quot;: null<br>
}</code></p>
<p>Actual Result:<br>
<code>{<br>
&quot;id&quot;: 1,<br>
&quot;result&quot;: {<br>
&quot;repo_group&quot;: {<br>
&quot;parent_group&quot;: null,<br>
&quot;group_name&quot;: &quot;testgrp&quot;,<br>
&quot;group_description&quot;: &quot;testgrp&quot;,<br>
&quot;group_id&quot;: 12,<br>
&quot;owner&quot;: &quot;SUPERADMIN-USER&quot;,<br>
&quot;repositories&quot;: []<br>
},<br>
&quot;msg&quot;: &quot;Created new repo group</code>testgrp<code>&quot;<br>
},<br>
&quot;error&quot;: null<br>
}<br>
</code></p>
Documentation - Task #5408 (Resolved): Upate nginx documentation for non standard SSL porthttps://issues.rhodecode.com/issues/54082017-12-02T15:04:42ZMaurice Müller
<p>I&#39;m currently in an evaluation process for rhodecode. During my test setup it give me a headache that the given nginx example was not working fully in my set up (login and logout were getting a timeout although the user was logged in / out).</p>
<p>After a long search I figured out that the non standard SSL port was the issue. This can easily be fixed by replacng the following in the proxy.conf file (<a href="https://docs.rhodecode.com/RhodeCode-Enterprise/admin/nginx-tuning.html">https://docs.rhodecode.com/RhodeCode-Enterprise/admin/nginx-tuning.html</a>) :</p>
<p>replace:<br>
proxy_set_header Host $host;<br>
with:<br>
proxy_set_header Host $host:$server_port;</p>
<p>I hope this helps some other guys in the future ;)</p>
Documentation - Bug #5153 (Resolved): Documentation: /tmp permissions https://issues.rhodecode.com/issues/51532017-01-04T11:42:31ZSystems Administration
<p>Hello,<br>
in the documentation I&#39;d suggest different permissions for the tmpfs-mounted <code>/tmp</code> directory: from</p>
<pre># mount tmp to memory with 2GB limit and 755 write permissions
</pre>
<p>to</p>
<pre># mount tmp to memory with 2GB limit and 1777 write permissions
</pre> RhodeCode CE/EE - Task #4251 (Feedback): [customer] Pull request with subreposhttps://issues.rhodecode.com/issues/42512016-09-29T11:41:00ZMarcin Kuzminski [staff]marcin@rhodecode.com
<p>While a lot of time passed since we’ve exchanged emails last time, let me share some details about the way we work at R and what kind of Rhodecode improvements would be useful for us. </p>
<ul>
<li>Most of our iOS/Mac product repositories are Mercurial </li>
<li>We extensively use Mercurial’s subrepositories for internal dependencies: our internal libraries are Mercurial or git repositories, which are added to product repository as a subrepo. </li>
<li>I like github flow: creating feature branches (bookmarks in Mercurial), opening pull request to master (default), code-reviewing this pull request and merging it after review is finished</li>
</ul>
<p>Unfortunately Rhodecode does not allow to create pull request for Mercurial repository in case it contains any subrepo, even if there were no changes in that sub-repositories. </p>
<p>So that’s the main reason why we can’t use github flow with Rhodecode and that’s the reason why we have to Crucible. </p>
<p>I’ve shared these details with team about a year ago : <a href="https://rhodecode.tenderapp.com/help/discussions/support-tickets/1234-unable-to-create-pull-request">https://rhodecode.tenderapp.com/help/discussions/support-tickets/1234-unable-to-create-pull-request</a></p>
<p>Currently Rhodecode is more like a repository storage for us and while post-commit reviews are possible they are rarely used. That’s why most people at R almost never see Rhodecode web interface. </p>
<p>Let me know if you need any more details or have any workaround that would still allow us to use pull requests. </p>
RhodeCode CE/EE - Bug #4092 (Feedback): [ce, ee] Redmine/JIRA integrations - smart commitshttps://issues.rhodecode.com/issues/40922016-07-15T10:29:44ZDaniel Ddaniel@rhodecode.com
<p>For the redmine case there are 5 states for a ticket:</p>
<ul>
<li>new</li>
<li>in progress</li>
<li>resolved</li>
<li>feedback</li>
<li>closed&#39;</li>
</ul>
<p>Commit messages should be able to auto close/resolve tickets using keywords such as <code>fixes #42</code></p>
<p>The thing to think about is that the user may want &#39;fixes #20&#39; to set the redmine issue to any of &#39;resolved&#39;, &#39;feedback&#39; or &#39;closed&#39; - this should be set in the integration options.</p>
<p>Allowing custom multiple regex =&gt; state mappers per integration is the most powerful but might be overkill- making standard keywords might be better eg:</p>
<p>fixes =&gt; resolved<br>
closes =&gt; closed</p>
<p>Then again this might be no good for international users.</p>
RhodeCode Appenlight - Bug #3991 (Resolved): report logs need upper marginhttps://issues.rhodecode.com/issues/39912016-06-07T10:01:45ZLisa Quatmannlisa@rhodecode.com
<p>See attached; this text needs some padding around it.</p>
RhodeCode Appenlight - Bug #3989 (Resolved): even up report spacinghttps://issues.rhodecode.com/issues/39892016-06-07T10:00:03ZLisa Quatmannlisa@rhodecode.com
<p>See attached; note that the headers are closer to the report stats than they are to each other. Could use a little straightening out.</p>
RhodeCode CE/EE - Task #3454 (Feedback): [ce/ee] visually differentiate the two editionshttps://issues.rhodecode.com/issues/34542016-04-07T13:38:27ZOliver Strobeloliver@rhodecode.com
<p>Currently we are only changing the footer to include Community vs. Enterprise differentiation.</p>
<p>Purpose: It should be possible to tell the difference in edition quickly when switching between CE/EE tabs.</p>
<p>Potential solutions:<br>
1) Add the edition name into the header after the logo on the top left<br>
2) Change the colour of the header between editions, eg.<br>
CE = dark grey<br>
EE = black</p>
<p>Thoughts?</p>
RhodeCode CE/EE - Feature #2539 (Feedback): Recursive deletion of resourceshttps://issues.rhodecode.com/issues/25392015-08-25T16:11:48ZMarcin Kuzminski [staff]marcin@rhodecode.com
<p>Ticket from support: <a href="https://rhodecode.tenderapp.com/help/discussions/problems/7125-rc-225-after-deleting-repo-groups-on-file-system-then-rescan-the-repo-groups-are-always-in-the-db">https://rhodecode.tenderapp.com/help/discussions/problems/7125-rc-225-after-deleting-repo-groups-on-file-system-then-rescan-the-repo-groups-are-always-in-the-db</a></p>
<p>Use case:</p>
<ul>
<li>gemalto needs to often delete large repository groups, current system doesn&#39;t allow doing it from web interface</li>
<li>users need to delete manually each repo inside repo group and then delete the group itself</li>
</ul>
<p>Currently our system supports this operation in cleanup mode, so you can delete whole directory from the filesystem and run remap-and rescan. This is a workaround and should allow<br>
big cleanup, but it&#39;s far from being straightforward to do.</p>
<p>We need a consistent interface for deletion of resource that hold other resources. This should currently include two places</p>
<ul>
<li>user deletion (that hold repo groups/user groups/repositories)</li>
<li>repository group deletion (that hold other repositories)</li>
</ul>
<p>You can delete user or repository group in two ways, goind to admin &gt; users or admin &gt; repo groups and clicking delete.<br>
In case there are dependent objects, we should trigger a warning flash message, and redirect user to advanced settings section of user, or repo group. and allow them to do recursive delete.</p>
<p>There&#39;s already an interface for that in users advanced section, when you can select if you want to delete or transfer ownership of repositories or groups that user owns. <br>
We should re-use the logic, and make the same option available to deletion of repository groups. The user advanced section also needs some small improvements.</p>
<p>Recursive delete should have two options.</p>
<ul>
<li>delete resources</li>
<li>transfer ownership of resources to a different user in the system</li>
</ul>
<p>Currently part of that is implemented in user &gt; settings &gt; advanced where we have delete or detach option. <br>
Detach option unfortunetly picks the first super admin in the system which leads to<br>
odd results and you cannot control to whom you need to transfer the ownership.</p>